It A Level CHPT 5 Esecurity

CHAPTER 5
• ESECURITY
1
COURSE: A LEVEL IT , CHAPTER 5 ( ESECURITY) , TUTOR: THOMAS ESIZIMETOR, EMAIL: t.esizimetor@oxbridgecollify.com / thomastigbafe@gmail.com
• Learning Objectives:
 Describe personal data

 Highlight the methods of keeping personal data
secure
 Explain how personal data can be gathered by
unauthorised persons and how this might be
prevented.
 Describe malware
 Explain different types of malware
2
 Explain different types of malware
 Highlight the consequences of malware for
organisations and individuals
 Mention ways of Preventing malware
 Explain health and safety in the use of ICT
gadgets.
3
5.1 PERSONAL DATA
• E-security is a type of security that pertains to

the Internet, such as information security
• E-safety is concerned with protecting personal
data to avoid online exploitation either by
bullying or identity theft. It is also associated with
protecting software against malware issues.
4
PERSONAL DATA
• Personal Data: is extremely valuable , and a lot of

harm can be done to someone if their personal
data is used against them.
• Revealing personal data could lead to criminal
activity .It is therefore vital that it is kept
confidential.
5
• Examples of personal data;
 Bank details
 Medical records
 Salary
 Sex orientation
 User name and password
 Home address
6
• How to Improve E- safety/How to be safer online
when using social networking sites
 Only use websites that are recommended by a

trusted source, for example, a teacher or a
parent.
 Use a search engine that has a filter to remove
inappropriate content.
 Do not open any email attachment from a sender
you do not recognise.
7
when using social networking sites ( Contd.)
 Be very cautious when there is a strong reason to

provide personal data.
 Be cautious about any picture or opinions that
you post or send to people.
 Do not become friends on social networking sites
with people you do not know.
8
when using social networking sites ( Contd.)
 Never arrange face-to-face meetings with a

person that you meet online.
 Make sure that your password you have set on
your social networking account is strong.
 Report or block any unwanted user.
 Use a nickname or pseudonym when using the
internet for entertainment, for example, playing
games.
9
Methods used by unauthorised persons to exploit and collect your personal data
• A. Phishing: Phishing is normally carried out via

electronic communication, such as email.
10
• Phishing is when an unauthorized person attempts to
gather personal data, such as passwords, credit card
details, by disguising themselves as a trustworthy person
or organization, through the use of email.
• The email will look legitimate and will normally

encourage a person to click on a link in the email. When
the link is clicked it will take the user to a website that
will ask them for their personal details. The personal
details will be stolen and used in criminal activity.
11
• Measures to protect against Phishing
 Open email links only from known sender.

 User should make sure that they are cautious
when clicking links in an email.
 Users should check URL that they are being
linked to, to see if it is legitimate.
 User should check the email contents for
grammatical errors and spelling errors.
12
• B. Smishing (SMS Phishing): similar to phishing
but carried out using SMS text messaging
rather than email.
13
• When that number is telephoned, the person
receiving the call will attempt to get personal
details from the caller. The caller could be charged
a great deal of money for the call.
• When the user click on the link in the SMS text

message, a malware is downloaded onto the
users phone. The malware can be used to collect
the user’s data to commit identity fraud or theft.
14
• Measures to protect against Smishing
 Users should be very cautious when clicking on any

link in messages.
 Users should be very cautious in telephoning any
number they are sent in a SMS message.
 Users should not install any application from
senders they do not know.
 Users should be wary of numbers that do not look
like usual mobile numbers.
 Users can add security software to their mobile
phone to help detect any malware. 15
• C. Vishing (Voice phishing): The act of using a
telephone call to try and scam a user into giving
personal data. The scammer will usually pretend
that they are a legitimate business calling the
victim.
16
• The person (scammer ) who is vishing will either
say they are alerting the victim to an issue with
their account, or advising the victim of a
profitable gain. They will often ask the victim
subtle questions to get the personal data they
want.
17
• Measures to protect against Vishing
 People should exercise caution when any

institution contacts them, especially when they ask
for personal details. If in doubt hang up and call
them back on a phone number that is known.
 People should never give out any personal details
regarding issue with their account. A bank will
prevent any kind attack on an account without
needing assistance from the account holder.
18
• D. Pharming: in pharming, a hacker will install
malicious code into a person’s system or
server.
19
• When a user types in a web address they will be
redirected to a fraudulent, but legitimate
looking, replica website, without their consent.
• The user will continue using the website as they
normally would, unaware of the redirection, and
enter their personal details that will then be
stolen.
20
• Measures to protect against Pharming
 User should check if the website looks the same as

when they last visited it.
 Users should look for the padlock security symbol used
to signify the HTTPS, showing that the website is
secure, before entering any personal and financial
details.
 Users should run regular scans of their computer with
anti-virus software that is designed to detect pharming
programs.
21
5.2 MALWARE
• Malware is a computer program that is
designed to damage or disrupt a computer
system, and the file that are stored on it.
• Malicious code: code/program that is intended
to harm the computer.
22
• Various forms of Malware
• A. Trojan Horse: a malicious computer program

that disguises itself as another application which
will delete/corrupt files when the application is
run.
23
• B. Worms: a small computer program that uses
computer networks and finds security holes to
replicate itself. They can exploit a security hole in
a piece of software or operating system. While
replicating they will often clog up network
bandwidth and can make things run slowly.
24
• C. Spyware: covers a broad range of malware. The term
refers to any technology used to gather data about a
person without their knowledge. It is most commonly
used to track the movement of people online (internet/
World Wide Web). A common type of spyware is a key
logger.
• A key logger : records key presses from a keyboard and
will allow the person who installed it to gather personal
data about the person.
25
• D. Adware: Adware is short for advertising-
supported software. It is used to display adverts
that are targeted at the user.
• Adware as malware will present adverts when a
user is browsing the web that is often shown
constantly. They are normally in the form of
popups that cannot be easily closed. They will
mostly just be irritating.
26
• E. Rootkit: A computer program that enables a
person to gain administrator access to a victim’s
computer. It normally gets installed because a
victim’s password is cracked.
• The person installing the rootkit can then use the
access to stop the computer recognising that the
rootkit is there, so the victim will not know that
someone else has complete access to their
computer system.
27
• F. A Bot: is an application that is automated and
used to carry out simple and repetitive tasks.
28
• Malicious bots include:
• SPAM bots which bombard people’s email inboxes

with spam emails.
• Chatter bots will pretend to be humans on sites such
as social networking and dating sites.
• Zombie bots/Sleeper bots are used to create bot
networks and each bot will lay dormant on a
computer until an attack is launched, in this case the
computer will be connected with lots of other
computers that have been compromised by zombie
bots to launch a large-scale attack on an organization.
29
• G. Ransomware: a type of malware that
encrypts and restricts a user’s access to their
computer system and files. The ransomware
usually demands a user to pay a ransom in
order to regain access to their computer, and
usually imitates a law enforcement agency.
30
Consequences of Malware on Organisations and Individuals
• 1. Interrupts and disables services: Malware

breaks the network of an organization and can
easily disrupt the business operations.
• In some cases, they can also disable significant
services offered by the company. This will lead to
huge enterprise losses.
31
(Contd.)
• 2. Personal Information/ Identity will be Retrieved

and Spoofed: Without your interaction, through
emails or downloads, malicious software will enter
into your system and tries to collect personal
information. This is also called identity theft.
Malware runs background and records each and
every activity done by you. For instance, a malware
records browsing history, monitors application you
using and also copies personal information like
user IDs, passwords, bank account details and etc.
32
(Contd.)
• 3. Completely breakdowns the entire enterprise

network Infrastructure: Irrespective of
organization size, a malware involved in
interrupting the enterprise network.
• It completely degrades the network performance
and breakdowns its infrastructure. And thus,
malware blocks the network and affects the
business operations.
33
(Contd.)
• 4. Malware can control all applications executing

on your device: Once downloaded along with e-
mails or internet downloads, malware will control
system applications.
• As they retrieve your personal details, the
malware tries to execute risky code in your
systems to interrupt device operations
completely.
34
(Contd.)
• 5. Access sensitive information: Malware can

easily access the sensitive information of business
by foraying into server machine. It is one of the
major impacts of malware to businesses.
• This will damage the enterprise operations in the
market. It is also possible that malware also leads
to Hardware failure in some cases. The above-
depicted are all few of the major threats
happened by Malware.
35
(Contd.)
• 6. Money extortion: If the malware finds its way

past your cyber-security, one of the reasons could
be extortion of money.
• To this end, Ransomware is particularly
important. It basically freezes your access to your
date until you pay up a certain demanded
amount.
36
(Contd.)
• 7. Keystroke mapping and account access: This is

a malware attack by Trojan, that is very simple,
yet can have deadly consequences. It targets you
as you type in sensitive information into your
computer, like the details of your bank account.
• By shadowing you, it records the keystrokes you
made and goes on to steal your credentials. It can
then access and take out money from your
account without any consent.
37
(Contd.)
• 8. Deleting Entire Files: Malware can go above

and beyond your cyber-security protocols to
delete very sensitive and important business files.
• 9. Website Defacement: This is a big problem in

the current era of online businesses. Defacements
allow cyber-criminals to gain editing access to the
website, and they can delete or modify the
website content.
38
How can Malware be avoided ?
 A user should never open a program unless they

know it is legitimate.
 A user should have a firewall in place that is
monitoring their internet traffic.
 A user should regularly run antivirus check and
malware detection software on their computer
system.
 A user should not open any attachments to emails
from unknown users.
 A user should be cautious when using an open WI-
FI hotspot with extreme caution as anybody could39
HEALTH AND SAFETY
• Health and safety is concerned with protecting

both the person using the IT ( Information
technology) from physical harm, and protecting
the computer itself.
40
HEALTH ISSUES
• A. Repetitive strain injury (RSI): pain, numbness

or weakness that occurs in the hands, arms,
shoulders and neck.
41
• Cause(s)
 Caused by repetitive movements and actions
(continuous and repeated clicking of mouse, or
pressing of keyboard).
 This can often be triggered by poor posture.
• Prevention
 Avoiding doing the same action without taking
regular breaks and usage of wrist rests can help
prevent RSI , and also a Good posture
42
• B. Carpal tunnel syndrome: pain, numbness,
tingling sensation in the hands or fingers.
43
• Cause(s)
 Caused by compression of a major nerve in the
hand that passes over the carpal bones in the
hand. This happens because of repetitive and
continual movements.
• Prevention
 Avoiding doing the same action without taking
regular breaks and usage of wrist rests.
44
• C. Back ache and muscle spasms:
45
• Cause(s)
 Caused by poor posture and from sitting in the
same position for long periods of time.
• Prevention
 Preventive measures include sitting on an
adjustable chair to correct position.
 A chair with added back support will also be
helpful. 46
• D. Eye strain: causes sore eyes, tired eyes or
blurred vision.
47
• Cause(s)
 Caused by looking at a monitor for long periods
of time.
• Prevention
 Regularly looking away from the screen
 Sitting at the correct distance
 Usage of monitors with eye care protection
settings can help reduce eye strain.
48
• E. Deep vein thrombosis: when blood clots
occur, usually in a user’s legs.
49
• Cause(s)
 Caused by sitting in a chair that puts pressure
on the back of a user’s legs, mostly behind the
knees.
• Prevention
 Preventive measures include regularly standing
and moving around when using a computer for
long periods of time.
50
• F. Fatigue: when a user feels very tired and
lethargic. Fatigue can often occur alongside
stress.
51
• Cause(s)
 Caused by overworking
• Prevention
 Taking regular breaks and working for shorter
periods of time when working can reduce levels
of stress and fatigue.
52
SAFETY ISSUES
• A. Fire: can occur when computers overheat, or

due to an overloaded plug socket.
53
• Prevention
 A computer should be used in a ventilated and
fairly cool room.
 In case of fire occurring, a CO2 fire extinguisher
should be in any room that has a computer.
 Plug sockets should not have too many devices
plugged into them, especially devices that
require a lot of power.
54
• B. Trailing wires/cables: could cause a safety
concern possibly making people trip over wires.
55
• Prevention
 Make sure wires are secured in some way,
such as by cable management system.
 Clip all cables together.
56
• C. Spilt drinks/water: can cause a computer
to short, and food trapped between
keyboards can cause difficulties in using the
computer.
57
• Prevention
 Eating and drinking at a computer should be
avoided where possible.
 Spill proof keyboards or covers should be
used.
58
• D. Injury from heavy object: heavy object or
equipment can fall off tables and cause injury.
59
• Prevention
 Ensure sturdy (strongly and solidly built )
desks or tables are used
 Place heavy objects or equipment are in the
centre of tables.
60
• HOME WORK
• QUESTION 1
• In a recent BBC news bulletin it was reported:
• The BBC has obtained exclusive figures from the financial
ombudsman that show there have been nearly 100
complaints about “vishing” in the past three months.
• Describe what is meant by:
• (i) phishing.
• ...............................................................................................
.............................................[3]
• (ii) vishing.
• ...............................................................................................
.............................................[3] 61
• QUESTION 2
• Describe, in detail, three different safety (apart from
e-safety) issues that can arise from the use of IT. For
each issue give one method of helping to prevent it.
Each method must be different.
• Issue 1 ....................................................................
• Prevention ....................................................................
• Issue 2 ......................................................
• Prevention ....................................................................
• Issue 3 ............................................................
• Prevention ............................................ [6]
62

It A Level CHPT 5 Esecurity

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

It A Level CHPT 5 Esecurity

Uploaded by

Copyright:

Available Formats

CHAPTER 5

 Describe personal data

• E-security is a type of security that pertains to

• Personal Data: is extremely valuable , and a lot of

 Only use websites that are recommended by a

 Be very cautious when there is a strong reason to

 Never arrange face-to-face meetings with a

• A. Phishing: Phishing is normally carried out via

• The email will look legitimate and will normally

 Open email links only from known sender.

• When the user click on the link in the SMS text

 Users should be very cautious when clicking on any

 People should exercise caution when any

 User should check if the website looks the same as

• A. Trojan Horse: a malicious computer program

• SPAM bots which bombard people’s email inboxes

• 1. Interrupts and disables services: Malware

• 2. Personal Information/ Identity will be Retrieved

• 3. Completely breakdowns the entire enterprise

• 4. Malware can control all applications executing

• 5. Access sensitive information: Malware can

• 6. Money extortion: If the malware finds its way

• 7. Keystroke mapping and account access: This is

• 8. Deleting Entire Files: Malware can go above

• 9. Website Defacement: This is a big problem in

 A user should never open a program unless they

• Health and safety is concerned with protecting

• A. Repetitive strain injury (RSI): pain, numbness

• A. Fire: can occur when computers overheat, or

You might also like